used by any of the running output plugins
- issues with ulogd_BASE and partially copied packets (--ulog-cprange)
- problem wrt. ulogd_BASE and fragments
+- implement extension SIGHUP handlers (including config re-parse)
conffile:
- rewrite parser. This stuff is a real mess. Anybody interested?
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
- * $Id: ulogd_LOGEMU.c,v 1.15 2003/09/28 15:19:26 laforge Exp $
+ * $Id$
*
*/
static FILE *of = NULL;
-int _output_logemu(ulog_iret_t *res)
+static int _output_logemu(ulog_iret_t *res)
{
static char buf[4096];
return 0;
}
-void sighup_handler_logemu(int signal)
+static void signal_handler_logemu(int signal)
{
switch (signal) {
case SIGHUP:
}
-static ulog_output_t logemu_op =
- { NULL, "syslogemu", &_output_logemu, &sighup_handler_logemu };
-
-void _init(void)
-{
- /* FIXME: error handling */
- config_parse_file("LOGEMU", &syslsync_ce);
-
+static int init_logemu(void) {
#ifdef DEBUG_LOGEMU
of = stdout;
#else
ulogd_log(ULOGD_ERROR, "can't resolve all keyhash id's\n");
}
+ return 1;
+}
+
+static void fini_logemu(void) {
+ if (of != stdout)
+ fclose(of);
+}
+
+static ulog_output_t logemu_op = {
+ .name = "syslogemu",
+ .init = &init_logemu,
+ .fini = &fini_logemu,
+ .output = &_output_logemu,
+ .signal = &signal_handler_logemu,
+};
+
+void _init(void)
+{
+ /* FIXME: error handling */
+ config_parse_file("LOGEMU", &syslsync_ce);
+
register_output(&logemu_op);
}
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
- * $Id: ulogd_OPRINT.c,v 1.9 2002/12/09 14:42:43 laforge Exp $
+ * $Id$
*
*/
static FILE *of = NULL;
-int _output_print(ulog_iret_t *res)
+static int _output_print(ulog_iret_t *res)
{
ulog_iret_t *ret;
CONFIG_OPT_NONE, 0,
{ string: ULOGD_OPRINT_DEFAULT } };
-void sighup_handler_print(int signal)
+static void sighup_handler_print(int signal)
{
switch (signal) {
}
}
-static ulog_output_t base_op[] = {
- { NULL, "oprint", &_output_print, &sighup_handler_print },
- { NULL, "", NULL, NULL },
-};
-
-
-static void _base_reg_op(void)
-{
- ulog_output_t *op = base_op;
- ulog_output_t *p;
-
- for (p = op; p->output; p++)
- register_output(p);
-}
-
-void _init(void)
+static int oprint_init(void)
{
#ifdef DEBUG
of = stdout;
exit(2);
}
#endif
-
- _base_reg_op();
+ return 0;
+}
+
+static void oprint_fini(void)
+{
+ if (of != stdout)
+ fclose(of);
+
+ return;
+}
+
+static ulog_output_t oprint_op = {
+ .name = "oprint",
+ .output = &_output_print,
+ .signal = &sighup_handler_print,
+ .init = &oprint_init,
+ .fini = &oprint_fini,
+};
+
+void _init(void)
+{
+ register_output(&oprint_op);
}
static int syslog_level, syslog_facility;
-int _output_syslog(ulog_iret_t *res)
+static int _output_syslog(ulog_iret_t *res)
{
static char buf[4096];
return 0;
}
-static ulog_output_t syslog_op = { NULL, "syslog", &_output_syslog, NULL };
-
-void _init(void)
+static int syslog_init(void)
{
-
/* FIXME: error handling */
config_parse_file("SYSLOG", &level_ce);
exit(2);
}
+ openlog("ulogd", LOG_NDELAY|LOG_PID, syslog_facility);
+
+ return 0;
+}
+
+static void syslog_fini(void)
+{
+ closelog();
+}
+
+static ulog_output_t syslog_op = {
+ .name = "syslog",
+ .init = &syslog_init,
+ .fini = &syslog_fini,
+ .output &_output_syslog
+};
+
+
+void _init(void)
+{
if (printpkt_init())
ulogd_log(ULOGD_ERROR, "can't resolve all keyhash id's\n");
*
* this code is released under the terms of GNU GPL
*
- * $Id: ulogd.h,v 1.16 2002/06/13 12:55:59 laforge Exp $
+ * $Id$
*/
#include <libipulog/libipulog.h>
struct ulog_output *next;
/* name of this ouput plugin */
char name[ULOGD_MAX_KEYLEN];
+ /* callback for initialization */
+ int (*init)(void);
+ /* callback for de-initialization */
+ void (*fini)(void);
/* callback function */
int (*output)(ulog_iret_t *ret);
/* callback function for signals (SIGHUP, ..) */
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
- * $Id: ulogd_MYSQL.c,v 1.15 2003/09/29 11:02:40 laforge Exp $
+ * $Id$
*
* 15 May 2001, Alex Janssen <alex@ynfonatic.de>:
* Added a compability option for older MySQL-servers, which
{ } };
/* our main output function, called by ulogd */
-static int _mysql_output(ulog_iret_t *result)
+static int mysql_output(ulog_iret_t *result)
{
struct _field *f;
ulog_iret_t *res;
#define MYSQL_VALSIZE 100
/* create the static part of our insert statement */
-static int _mysql_createstmt(void)
+static int mysql_createstmt(void)
{
struct _field *f;
unsigned int size;
}
/* find out which columns the table has */
-static int _mysql_get_columns(const char *table)
+static int mysql_get_columns(const char *table)
{
MYSQL_RES *result;
MYSQL_FIELD *field;
}
/* make connection and select database */
-static int _mysql_open_db(char *server, char *user, char *pass, char *db)
+static int mysql_open_db(char *server, char *user, char *pass, char *db)
{
dbh = mysql_init(NULL);
if (!dbh)
return 0;
}
-static ulog_output_t _mysql_plugin = { NULL, "mysql", &_mysql_output, NULL };
-
-void _init(void)
+static int mysql_init(void)
{
/* have the opts parsed */
config_parse_file("MYSQL", &table_ce);
- if (_mysql_open_db(host_ce.u.string, user_ce.u.string,
+ if (mysql_open_db(host_ce.u.string, user_ce.u.string,
pass_ce.u.string, db_ce.u.string)) {
ulogd_log(ULOGD_ERROR, "can't establish database connection\n");
- return;
+ return -1;
}
/* read the fieldnames to know which values to insert */
- if (_mysql_get_columns(table_ce.u.string)) {
+ if (mysql_get_columns(table_ce.u.string)) {
ulogd_log(ULOGD_ERROR, "unable to get mysql columns\n");
- return;
+ return -1;
}
- _mysql_createstmt();
- register_output(&_mysql_plugin);
+ mysql_createstmt();
+
+ return 0;
+}
+
+static void mysql_fini(void)
+{
+ mysql_close(dbh);
+}
+
+static ulog_output_t mysql_plugin = {
+ .name = "mysql",
+ .output = &mysql_output,
+ .init = &mysql_init,
+ .fini = &mysql_fini,
+};
+void _init(void)
+{
+ register_output(&mysql_plugin);
}
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
- * $Id: ulogd_PCAP.c,v 1.7 2003/10/16 12:56:59 laforge Exp $
+ * $Id$
*
*/
#define GET_VALUE(x) ulogd_keyh[intr_ids[x].id].interp->result[ulogd_keyh[intr_ids[x].id].offset].value
#define GET_FLAGS(x) ulogd_keyh[intr_ids[x].id].interp->result[ulogd_keyh[intr_ids[x].id].offset].flags
-int _output_pcap(ulog_iret_t *res)
+static int pcap_output(ulog_iret_t *res)
{
struct pcap_pkthdr pchdr;
}
}
-void sighup_handler_pcap(int signal)
+static void pcap_signal_handler(int signal)
{
switch (signal) {
case SIGHUP:
break;
}
}
-
-static ulog_output_t logemu_op[] = {
- { NULL, "pcap", &_output_pcap, &sighup_handler_pcap },
- { NULL, "", NULL, NULL },
-};
-
-/* register output plugin with ulogd */
-static void _logemu_reg_op(void)
-{
- ulog_output_t *op = logemu_op;
- ulog_output_t *p;
-
- for (p = op; p->output; p++)
- register_output(p);
-}
-
-void _init(void)
+static int pcap_init(void)
{
/* FIXME: error handling */
config_parse_file("PCAP", &pcapsync_ce);
#else
append_create_outfile();
#endif
+ return 0;
+}
+
+static void pcap_fini(void)
+{
+ if (of)
+ fclose(of);
+}
+
+static ulog_output_t pcap_op = {
+ .name = "pcap",
+ .init = &pcap_init,
+ .fini = &pcap_fini,
+ .output = &pcap_output,
+ .signal = &pcap_signal_handler,
+};
+
+void _init(void)
+{
if (get_ids()) {
ulogd_log(ULOGD_ERROR, "can't resolve all keyhash id's\n");
}
- _logemu_reg_op();
+ register_output(&pcap_op);
}
{ } };
/* our main output function, called by ulogd */
-static int _pgsql_output(ulog_iret_t *result)
+static int pgsql_output(ulog_iret_t *result)
{
struct _field *f;
ulog_iret_t *res;
#define PGSQL_VALSIZE 100
/* create the static part of our insert statement */
-static int _pgsql_createstmt(void)
+static int pgsql_createstmt(void)
{
struct _field *f;
unsigned int size;
}
/* find out which columns the table has */
-static int _pgsql_get_columns(const char *table)
+static int pgsql_get_columns(const char *table)
{
PGresult *result;
char buf[ULOGD_MAX_KEYLEN];
}
/* make connection and select database */
-static int _pgsql_open_db(char *server, char *user, char *pass, char *db)
+static int pgsql_open_db(char *server, char *user, char *pass, char *db)
{
char connstr[80];
char * sql;
return 0;
}
-
-static ulog_output_t _pgsql_plugin = { NULL, "pgsql", &_pgsql_output, NULL };
-
-void _init(void)
+static int pgsql_init(void)
{
/* have the opts parsed */
config_parse_file("PGSQL", &table_ca);
- if (_pgsql_open_db(host_ce.u.string, user_ce.u.string,
+ if (pgsql_open_db(host_ce.u.string, user_ce.u.string,
pass_ce.u.string, db_ce.u.string)) {
ulogd_log(ULOGD_ERROR, "can't establish database connection\n");
return;
}
/* read the fieldnames to know which values to insert */
- if (_pgsql_get_columns(table_ce.u.string)) {
+ if (pgsql_get_columns(table_ce.u.string)) {
ulogd_log(ULOGD_ERROR, "unable to get pgsql columns\n");
return;
}
- _pgsql_createstmt();
- register_output(&_pgsql_plugin);
+ pgsql_createstmt();
+}
+static void pgsql_fini(void)
+{
+ PQfinish(dbh);
+}
+
+static ulog_output_t pgsql_plugin = {
+ .name = "pgsql",
+ .output = &pgsql_output,
+ .init = &pgsql_init,
+ .fini = &pgsql_fini,
+};
+
+void _init(void)
+{
+ register_output(&pgsql_plugin);
}
*
* 09 Sep 2003 Magnus Boden <sarek@ozaba.cx>
* - added support for more flexible multi-section conffile
+ *
+ * 20 Apr 2004 Nicolas Pougetoux <nicolas.pougetoux@edelweb.fr>
+ * - added suppurt for seteuid()
*/
#define ULOGD_VERSION "1.20"
#include <sys/types.h>
#include <dirent.h>
#include <getopt.h>
+#include <pwd.h>
+#include <grp.h>
#include <libipulog/libipulog.h>
#include <ulogd/conffile.h>
#include <ulogd/ulogd.h>
{
/* FIXME */
printf("ulogd Version %s\n", ULOGD_VERSION);
- printf("Copyright (C) 2000-2003 Harald Welte "
- "<laforge@gnumonks.org>\n\n");
- printf("Paramters:\n");
+ printf("Copyright (C) 2000-2004 Harald Welte "
+ "<laforge@gnumonks.org>\n");
+ printf("This is free software with ABSOLUTELY NO WARRANTY.\n\n");
+ printf("Parameters:\n");
printf("\t-h --help\tThis help page\n");
printf("\t-V --version\tPrint version information\n");
printf("\t-d --daemon\tDaemonize (fork into background)\n");
printf("\t-c --configfile\tUse alternative Configfile\n");
+ printf("\t-u --uid\tChange UID/GID\n");
}
static struct option opts[] = {
{ "daemon", 0, NULL, 'd' },
{ "help", 0, NULL, 'h' },
{ "configfile", 1, NULL, 'c'},
+ { "uid", 1, NULL, 'u' },
{ 0 }
};
int len;
int argch;
int daemonize = 0;
+ int change_uid = 0;
+ char *user = NULL;
+ struct passwd *pw;
+ uid_t uid = 0;
+ gid_t gid = 0;
ulog_packet_msg_t *upkt;
- while ((argch = getopt_long(argc, argv, "c:dh::V", opts, NULL)) != -1) {
+
+ while ((argch = getopt_long(argc, argv, "c:dh::Vu:", opts, NULL)) != -1) {
switch (argch) {
default:
case '?':
case 'c':
ulogd_configfile = optarg;
break;
+ case 'u':
+ change_uid = 1;
+ user = strdup(optarg);
+ pw = getpwnam(user);
+ if (!pw) {
+ printf("Unknown user %s.\n", user);
+ free(user);
+ exit(1);
+ }
+ uid = pw->pw_uid;
+ gid = pw->pw_gid;
+ break;
}
}
exit(1);
}
- logfile_open(logf_ce.u.string);
-
-#ifdef DEBUG
- /* dump key and interpreter hash */
- interh_dump();
- keyh_dump();
-#endif
-
/* allocate a receive buffer */
libulog_buf = (unsigned char *) malloc(bufsiz_ce.u.value);
exit(1);
}
+
+ if (change_uid) {
+ ulogd_log(ULOGD_NOTICE, "Changing UID / GID\n");
+ if (setgid(gid)) {
+ ulogd_log(ULOGD_FATAL, "can't set GID\n");
+ ipulog_perror(NULL);
+ exit(1);
+ }
+ if (setegid(gid)) {
+ ulogd_log(ULOGD_FATAL, "can't sett effective GID\n");
+ ipulog_perror(NULL);
+ exit(1);
+ }
+ if (initgroups(user, gid)) {
+ ulogd_log(ULOGD_FATAL, "can't set user secondary GID\n");
+ ipulog_perror(NULL);
+ exit(1);
+ }
+ if (setuid(uid)) {
+ ulogd_log(ULOGD_FATAL, "can't set UID\n");
+ ipulog_perror(NULL);
+ exit(1);
+ }
+ if (seteuid(uid)) {
+ ulogd_log(ULOGD_FATAL, "can't set effective UID\n");
+ ipulog_perror(NULL);
+ exit(1);
+ }
+ }
+
+ logfile_open(logf_ce.u.string);
+
+#ifdef DEBUG
+ /* dump key and interpreter hash */
+ interh_dump();
+ keyh_dump();
+#endif
if (daemonize){
if (fork()) {
exit(0);
projects / thirdparty / ulogd2.git / commitdiff
